You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@kafka.apache.org by Somasuntaram <so...@kloudone.com> on 2021/10/11 09:31:02 UTC
Apache kafka SSL Security
Hi ,
I have been trying to enable Kafka security ssl authentication using
certificates and encryption. but i am getting errors when i try to create a
topic and Kafka status fails whereas zookeeper is running fine.
Note :- The screenshot of the error I get when I try to create a topic is
attached below
These are commands I tried to create and also i have attached the
server.properties configuration file for your reference.
. Generate the key into a temporary keystore initially
1 keytool -keystore kafka.server.keystore.jks -alias localhost
-validity 365 -genkey
Generate CA
2 openssl req -new -x509 -keyout ca-key -out ca-cert -days 365
Add the generated CA to the clients’ truststore
3 keytool -keystore kafka.client.truststore.jks -alias CARoot -import
-file ca-cert
Export the certificate from the keystore:
4 keytool -keystore kafka.server.keystore.jks -alias localhost
-certreq -file cert-file
Sign it with the CA:
5 openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-file -out
cert-signed -days 365 -CAcreateserial -passin pass:windows
Import the certificate of the CA into the keystore
6 keytool -keystore kafka.server.keystore.jks -alias CARoot -import
-file ca-cert
Import the signed certificate into the keystore
7 keytool -keystore kafka.server.keystore.jks -alias localhost
-import -file cert-signed
Note:- The SSL certificates are in SSL folder inside the Kafka directory
itself.
Please help in solving this issue.